Using all you’ve learned thus far, construct an in-depth and thoughtful discussion of the implications of the following scenario: New aircraft designs use TCP/IP technology for the main aircraft backbone, connecting flight-critical avionics and passenger information and entertainment systems in a manner that virtually makes the aircraft an airborne, interconnected network domain server. What are the implications? Are there or should there be security concerns?
Using all you’ve learned thus far, construct an in-depth and thoughtful discussion of the implications of the following scenario: New aircraft designs use TCP/IP technology for the main aircraft backbone, connecting flight-critical avionics and passenger information and entertainment systems in a manner that virtually makes the aircraft an airborne, interconnected network domain server. What are the implications? Are there or should there be security concerns?
First it is important to have a technical definition of Avionics (from Wikipedia), to wit:
“Avionics are the electronic systems used on aircraft, artificial satellites, and spacecraft.
Avionic systems include communications, navigation, the display and management of multiple systems, and the hundreds of systems that are fitted to aircraft to perform individual functions.”
Components include:
Communications: Communications connect the flight deck to the ground and the flight deck to the passengers. On‑board communications are provided by public-address systems and aircraft intercoms.
Navigation: Navigation is the determination of position and direction on or above the surface of the Earth.
Monitoring: Refers to the use of computer monitors instead of gauges and other analog displays.
Aircraft flight-control systems: Aircraft have means of automatically controlling flight. Today automated flight control is common to reduce pilot error and workload at key times like landing or takeoff.
Collision-avoidance systems: This can detect the location of nearby aircraft, and provide instructions for avoiding a midair collision.
Weather systems: important for aircraft flying at night or in instrument meteorological conditions, where it is not possible for pilots to see the weather ahead.
Aircraft management systems: Centralized control of the multiple complex systems fitted to aircraft, including engine monitoring and management.
With the TCP/IP technology for the “main aircraft backbone, connecting flight-critical avionics and passenger information and entertainment systems,” this means that the avionics system and the passengers who use entertainment, information and communications services through inflight WiFi are interconnected.
Cyber savvy terrorists can sabotage or disrupt the flight by accessing the backbone and the avionics systems and cause the following:
1. Give the pilots false information on the weather,
2. Disrupt navigation
3. Give false info on the condition of the engines,
4. Disable the collision avoidance systems while in heavy traffic, causing a disastrous mid-air collision.
5. Sabotage communications between the pilots and air controllers during the critical stages of the flight.
6. Seize control of the flight and control the autopilot causing a crash or landing the plane somewhere else or even violating a country's air space causing a serious security incident when the country's Air Defense Identification Zone or ADIZ is violated.
From the course reading “Network Security” we are told about:
“Telnet… an application protocol associated with the TCP/IP family. It enables a user at one computer to log in to another computer, issue commands to the operating system, and run programs. A Telnet server will listen for remote connections on TCP port 23, while an email service based on another application protocol, SMTP (simple mail transfer protocol), will listen for incoming connections on TCP port 25… From the description in the box, Telnet presents a significant security risk in terms of its ability to exercise remote control of a workstation, server or other network device.”
There is a defense against this: “Telnet can be disallowed by including its TCP port number in the filtering rules. Given that a TCP port number specifies a type of service and an IP address specifies a host address, you should be able to see how combinations of the two can be used to restrict access to certain services to certain hosts.
“An external attack could be based on knowledge of one of the target network's internal IP addresses. However, a packet arriving at a network interface from an external circuit, but having an internal source IP address, would be highly suspect. This could be reflected in the packet-filtering rules by specifying that, for all interfaces from external circuits, packets presenting source addresses that are internal network IP addresses would be barred. This type of attack is termed ‘IP address spoofing’.”
These are comforting safeguards but for every defense, a determined group can devise a new counterattack. Thus, the Network Security specialists, and we are talking here of high level technical expertise that is external to the airline company, will need to be in constant watch for possible vulnerabilities of the system to cyber attack from a passenger on board. A big airline may be handling hundreds of flights a year, each flight vulnerable to an attack on its avionics by a passenger using the TCP/IP based main aircraft backbone.
Just one successful attack would be one attack too many and compromise the whole airline industry.
With so many strange aircraft accidents lately (Malaysian Airlines disappearing and the crash of GermanWings in the Alps), such cyberattacks on board are not improbable and should be considered real threats.
No comments:
Post a Comment